From d50dec2d9b92c103134ae4e313c7bbbe5c2f4432 Mon Sep 17 00:00:00 2001
From: 田源 <lastanimals@163.com>
Date: 星期三, 24 四月 2024 16:39:00 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 Source/UBCS/ubcs-ops/ubcs-admin/src/main/java/com/vci/ubcs/admin/config/SecurityConfiguration.java |   18 ++++++++++++++++--
 1 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/Source/UBCS/ubcs-ops/ubcs-admin/src/main/java/com/vci/ubcs/admin/config/SecurityConfiguration.java b/Source/UBCS/ubcs-ops/ubcs-admin/src/main/java/com/vci/ubcs/admin/config/SecurityConfiguration.java
index 1b1003c..bb44a40 100644
--- a/Source/UBCS/ubcs-ops/ubcs-admin/src/main/java/com/vci/ubcs/admin/config/SecurityConfiguration.java
+++ b/Source/UBCS/ubcs-ops/ubcs-admin/src/main/java/com/vci/ubcs/admin/config/SecurityConfiguration.java
@@ -16,15 +16,22 @@
  */
 package com.vci.ubcs.admin.config;
 
+import com.vci.ubcs.admin.security.CustomAuthenticationManager;
 import de.codecentric.boot.admin.server.config.AdminServerProperties;
 import com.vci.ubcs.admin.security.InternalAuthorizationManager;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.ReactiveAuthenticationManager;
+import org.springframework.security.authorization.ReactiveAuthorizationManager;
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
 import org.springframework.security.config.web.server.ServerHttpSecurity;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.server.SecurityWebFilterChain;
 import org.springframework.security.web.server.authentication.RedirectServerAuthenticationSuccessHandler;
+import org.springframework.security.web.server.authorization.AuthorizationContext;
 
 import java.net.URI;
 
@@ -44,7 +51,12 @@
 	}
 
 	@Bean
-	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http) {
+	public CustomAuthenticationManager customAuthenticationManager(UserDetailsService userDetailsService) {
+		return new CustomAuthenticationManager(userDetailsService);
+	}
+
+	@Bean
+	public SecurityWebFilterChain securityWebFilterChain(ServerHttpSecurity http, CustomAuthenticationManager customAuthenticationManager) {
 		// @formatter:off
 		RedirectServerAuthenticationSuccessHandler successHandler = new RedirectServerAuthenticationSuccessHandler();
 		successHandler.setLocation(URI.create(contextPath + "/"));
@@ -54,6 +66,7 @@
 			.pathMatchers(
 				contextPath + "/assets/**"
 				, contextPath + "/login"
+				, contextPath + "/applications"
 				, contextPath + "/v1/agent/**"
 				, contextPath + "/v1/catalog/**"
 				, contextPath + "/v1/health/**"
@@ -62,7 +75,8 @@
 			.pathMatchers(contextPath + "/actuator", contextPath + "/actuator/**").access(new InternalAuthorizationManager())
 			.anyExchange().authenticated().and()
 			.formLogin().loginPage(contextPath + "/login")
-			.authenticationSuccessHandler(successHandler).and()
+			.authenticationSuccessHandler(successHandler)
+			.authenticationManager(customAuthenticationManager).and()
 			.logout().logoutUrl(contextPath + "/logout").and()
 			.httpBasic().disable()
 			.csrf().disable()

--
Gitblit v1.9.3